CVE-2024-47107 - IBM QRadar SIEM 7.5 Vulnerability Exposes Users to Stored XSS Attacks
In May 2024, a significant security flaw was discovered in IBM QRadar SIEM version 7.5. This bug, logged as CVE-2024-47107, allows authenticated users to
CVE-2024-47115 - Breaking Down the Local Command Injection Threat in IBM AIX 7.2/7.3 & VIOS 3.1/4.1
Earlier this year, a serious vulnerability—CVE-2024-47115—was published, targeting enterprise environments running IBM’s AIX and VIOS systems. This flaw allows any local user,
CVE-2024-11457 - Feedpress Generator Plugin Exploit – Reflected XSS in WordPress
In early 2024, a security vulnerability was discovered in the popular Feedpress Generator – External RSS Frontend Customizer plugin for WordPress. The plugin lets website owners
CVE-2024-11380 - Stored XSS in WordPress Mini Program API Plugin (qvideo Shortcode) All Versions ≤ 1.4.5 – Explained & Exploited
WordPress is the world’s favorite CMS, but sometimes its power comes with risk. On February 26, 2024, a security flaw was reported in the
CVE-2024-12326 - Bypassing SVG Preview Restrictions in Jirafeau via Mixed-Case MIME Types
Date Published: 2024-06-20
Overview
Jirafeau is a popular open-source lightweight file sharing web application. By design, it prevents the preview of SVG files in browsers—